Date: 25 Jun 2002 11:57:23 +0200 From: Jan Lentfer <Jan.Lentfer@web.de> To: Thomas Seyrat <thomas@glou.net> Cc: FreeBSD Security Maillinglist <freebsd-security@FreeBSD.ORG> Subject: Re: How to check if "UsePrivilegeSeparation" works in OpenSSH? Message-ID: <1024999044.5380.2.camel@jan-linnb.lan> In-Reply-To: <20020625094900.GA13755@lise.hsc.fr> References: <20020625195333.U69343-100000@a2> <902312FB-8813-11D6-919D-0030654D97EC@patpro.net> <20020625094900.GA13755@lise.hsc.fr>
next in thread | previous in thread | raw e-mail | index | archive | help
[-- Attachment #1 --] Am Die, 2002-06-25 um 11.49 schrieb Thomas Seyrat: > patpro wrote: > > >I don't see the [priv] bit on the second one. > > >Can you confirm with lsof that the chroot has taken effect? > > well in fact no, nothing about /var/empty in lsof > > While sshd is waiting for password, I have : > > sshd 32666 0,0 0,3 3496 1596 ?? I 11:42 0:00,09 sshd: seyrat [net] (sshd) > > and lsof -p 32666 | grep rtd gives : > > sshd 32666 sshd rtd VDIR 13,131078 512 4 /var/empty > > This untrusted sshd process is indeed correctly chrooted. I checked that, too. If you are using the openssh-portable port as of today it is running in /usr/empty su-2.05# /usr/local/sbin/lsof -p 5244 | grep rtd sshd 5244 sshd rtd VDIR 116,131077 512 4587008 /usr/empty Regards, Jan [-- Attachment #2 --] -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.6 (GNU/Linux) Comment: Weitere Infos: siehe http://www.gnupg.org iD8DBQA9GD6DN1wGzE0LIcgRAscuAJ9ve9QHGg7UvW3qcfnvf6TiYA0oHACgnniX /UUZleUlVE938SbI1Gvh5vI= =Mw6V -----END PGP SIGNATURE-----
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?1024999044.5380.2.camel>